Chip & PIN Tetris hackers can steal credit card info, too
Hacking into sensitive machines and playing brain games on them certainly isn't new -- and a pair of researchers at Cambridge have already done just that on a "tamper-proof chip-and-PIN payment terminal," -- but in a recent (and more serious) development, they've extended the exploit to demonstrate how they can "compromise the system by relaying information between a genuine card and a fake one." Saar Drimer and Steven Murdoch, members of the Cambridge University Computer Laboratory, have not only played Tetris on a banking machine, but have devised a scenario where a terminal is actually connected to a thief's laptop (instead of a bank, for instance), thus passing through crucial information without throwing a red flag to the now-screwed customer. Through a series of RFID, WiFi, and SMS connections, the duo even explains how something so simple could be used to steal thousands of dollars in diamonds and jewelry if working with a trained crew. Still, it's noted that this kind of stunt would be "difficult to execute in practice," and of course, whoever tries it runs the risk of being imprisoned for quite some time, but if you're interested in an eerily detailed description of just how beautiful you life can become if you actually pull this off, the read link demands your attention.
Filed under: Misc. Gadgets
Reader Comments (Page 1 of 1)
steve @ Feb 7th 2007 5:18PM
stealing credit card numbers....
what a waste of a machine that can play tetris...
Carey Bishop @ Feb 7th 2007 9:24PM
This ain't news at all! Look at the date listed on this page: http://www.cl.cam.ac.uk/~mkb23/interceptor/
7th March 2006!
StopSpamming @ Feb 8th 2007 12:00AM
Nothing Alarming !!! :-)
Read carefully...the whole chip was NEVER copied. Only the very same info (visible on the card's surface too) being copied to magstripe cards for 'fraud'. The whole WORLD (including Canada and Mexico) has agreed to convert to EMV contact chip cards for their financial cards, ONLY USA refuses to convert; prefers to stay in magstripe, and at the most RFID cards (the closest!).
The irony is that MasterCard Worldwide and Visa International managed to convince the whole world but failed in their mission with MasterCard USA and Visa USA...the country where the 2 organisations originated.
Well the saying is proven again...
"A prophet is never popular or accepted in his own community..."
As for the PIN...the cards industry has encouraged the banking industry to move from SDA to DDA long ago. But as we all know, the conservative and most-of-the-time "stingy" banking industry still refuses to move... :-(
Oh well...
sylvester White @ Mar 20th 2008 2:10AM
need pin off a visa check card
ATMSKIMMERS4SALE @ Mar 10th 2009 9:31AM
we are engineers we can build you any type of atm skimmer for any atm model you want we build them upon request if you want real atms
skimmers and tired of looking tired of getting ripped off them were the ones to trust stop looking on online forums for atm skimmer the
truth is you will never find a real seller that will delver your atm skimmer all you will find all over the net are rippers fakes that have
nothing to sell our service is the best you want real skimmers built then come to us and stop looking on online forums before you lose your
money to ripper email me
my email = atmskimmers4sale@gmail.com
ICQ: 375934225